Bitcoin, financial cryptography and payment systems

Ian Grigg’s Financial Cryptography blog (FC) is one of the best sources on (alternative) payment systems. In terms of calling out risks and issues with the Bitcoin currency and market, Ian Grigg’s papers have been a hit and a miss. Bitcoin and Gresham’s Law has been thoroughly beaten by the Bitcoin mining crowd that has kept up to date with technology advances and didn’t focus solely on the potential economic issues of the emerging market. Despite the technology making the main point of the paper moot, it is still a good paper to read. Abstract:
> The Bitcoin economy exhibits remarkable and predictable stability on the supply side based on the power costs of mining. However, that stability is challenged if cost-curve assumption is not solely expressed by the fair cost of power. As there is at least one major player, the botnets, that can operate at a power-cost-curve of zero, the result is a breach of Gresham’s Law: stolen electricity will drive out honest mining. This has unfortunate effects for the stability of the Bitcoin economy, and the result is inevitable collapse.

In short, what happened is that all the seriously minded bitcoin miners switched from using a computer’s central processing unit (CPU) to more appropriate for number crunching graphics processing unit (GPU). The difference in output is significant: CPU’s are all-purpose chips, whereas GPU’s are designed and built for a single purpose: fast and efficient number crunching. Bitcoin mining is in essence just a lot of number crunching: a match made in hea^Wwell-cooled computer chassis.

The main drive of that paper: bitcoin mining has to be profitable for people to do, otherwise they will go elsewhere. If there is no reason to participate in the economy it stagnates and collapses. That point was largely ignored by the technically minded (both economics and hashing crowd) because the paper spent too much time on speculation and not enough time on calling out the blatantly obvious things.

Which brings us to the second paper, one that is solely and purely focused on the expertise that FC can provide: financial transactions. Abstract:
> Bitcoin has a high latency for verifying transactions, by design. Averaging around 8 minutes, such high latency does not resonate with the needs of financial traders for speed, and it opens the door for time-based arbitrage weaknesses such as market timing attacks. Although perhaps tractable in some markets such as peer to peer payments, the Achilles heel of latency makes Bitcoin unsuitable for direct trading of financial assets, and ventures seeking to exploit the market for financial assets will need to overcome this burden.

Coincidentally not long after announcement of the paper’s release on the FC blog comes the advisory by one of Bitcoin’s largest exchanges, Mt.Gox that it was hit with a market timing attack based on latency:
>The bitcoin api “sendtoaddress” broadly used to send bitcoins to a given bitcoin address will return a transaction hash as a way to track the transaction’s insertion in the blockchain.
>Most wallet and exchange services will keep a record of this said hash in order to be able to respond to users should they inquire about their transaction. It is likely that these services will assume the transaction was not sent if it doesn’t appear in the blockchain with the original hash and have currently no means to recognize the alternative transactions as theirs in an efficient way.

This means that an individual could request bitcoins from an exchange or wallet service, alter the resulting transaction’s hash before inclusion in the blockchain, then contact the issuing service while claiming the transaction did not proceed. If the alteration fails, the user can simply send the bitcoins back and try again until successful.

There’s plenty that Bitcoin got wrong, and a slew of other cryptocurrencies are trying to fix now. But there’s one thing that none of the cryptocurrency advocates wants to talk about: the fragility of their system against legal and regulatory intervention.